summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/nsswitch/winbindd_group.c23
-rw-r--r--source3/nsswitch/winbindd_proto.h5
-rw-r--r--source3/nsswitch/winbindd_util.c10
3 files changed, 19 insertions, 19 deletions
diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c
index 3bee95b845..713c0e70b6 100644
--- a/source3/nsswitch/winbindd_group.c
+++ b/source3/nsswitch/winbindd_group.c
@@ -894,13 +894,17 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state)
uint32 user_rid, num_groups, num_gids;
DOM_GID *user_groups = NULL;
struct winbindd_domain *domain;
- enum winbindd_result result;
+ enum winbindd_result result = WINBINDD_ERROR;
gid_t *gid_list;
int i;
+ TALLOC_CTX *mem_ctx;
DEBUG(3, ("[%5d]: getgroups %s\n", state->pid,
state->request.data.username));
+ if (!(mem_ctx = talloc_init()))
+ return WINBINDD_ERROR;
+
/* Parse domain and username */
parse_domain_user(state->request.data.username, name_domain,
@@ -910,14 +914,14 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state)
the entire name. */
if (strequal(name_domain, ""))
- return WINBINDD_ERROR;
+ goto done;
/* Get info for the domain */
if ((domain = find_domain_from_name(name_domain)) == NULL) {
DEBUG(0, ("could not find domain entry for domain %s\n",
name_domain));
- return WINBINDD_ERROR;
+ goto done;
}
slprintf(name, sizeof(name) - 1, "%s\\%s", name_domain, name_user);
@@ -926,20 +930,20 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state)
if (!winbindd_lookup_sid_by_name(name, &user_sid, &name_type)) {
DEBUG(1, ("user '%s' does not exist\n", name_user));
- return WINBINDD_ERROR;
+ goto done;
}
if (name_type != SID_NAME_USER) {
DEBUG(1, ("name '%s' is not a user name: %d\n", name_user,
name_type));
- return WINBINDD_ERROR;
+ goto done;
}
sid_split_rid(&user_sid, &user_rid);
- if (!winbindd_lookup_usergroups(domain, user_rid, &num_groups,
- &user_groups))
- return WINBINDD_ERROR;
+ if (!winbindd_lookup_usergroups(domain, mem_ctx, user_rid,
+ &num_groups, &user_groups))
+ goto done;
/* Copy data back to client */
@@ -947,7 +951,6 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state)
gid_list = malloc(sizeof(gid_t) * num_groups);
if (state->response.extra_data) {
- result = WINBINDD_ERROR;
goto done;
}
@@ -971,7 +974,7 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state)
result = WINBINDD_OK;
done:
- SAFE_FREE(user_groups);
+ talloc_destroy(mem_ctx);
return result;
}
diff --git a/source3/nsswitch/winbindd_proto.h b/source3/nsswitch/winbindd_proto.h
index 78afeae94c..7c3326ce36 100644
--- a/source3/nsswitch/winbindd_proto.h
+++ b/source3/nsswitch/winbindd_proto.h
@@ -133,11 +133,14 @@ BOOL get_domain_info(void);
void free_domain_info(void);
BOOL lookup_domain_sid(char *domain_name, struct winbindd_domain *domain);
BOOL winbindd_lookup_sid_by_name(char *name, DOM_SID *sid, enum SID_NAME_USE *type);
-BOOL winbindd_lookup_name_by_sid(DOM_SID *sid, fstring name, enum SID_NAME_USE *type);
+BOOL winbindd_lookup_name_by_sid(DOM_SID *sid,
+ fstring name,
+ enum SID_NAME_USE *type);
BOOL winbindd_lookup_userinfo(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx, uint32 user_rid,
SAM_USERINFO_CTR **user_info);
BOOL winbindd_lookup_usergroups(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
uint32 user_rid, uint32 *num_groups,
DOM_GID **user_groups);
BOOL winbindd_lookup_groupmem(struct winbindd_domain *domain,
diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c
index 75ed3a9efe..c603bac054 100644
--- a/source3/nsswitch/winbindd_util.c
+++ b/source3/nsswitch/winbindd_util.c
@@ -403,7 +403,6 @@ BOOL winbindd_lookup_sid_by_name(char *name, DOM_SID *sid, enum SID_NAME_USE *ty
return False; /* Negative cache hit. */
return True;
}
-
/* Lookup name */
if (!(mem_ctx = talloc_init()))
@@ -431,7 +430,7 @@ BOOL winbindd_lookup_sid_by_name(char *name, DOM_SID *sid, enum SID_NAME_USE *ty
*type = types[0];
/* Store the forward and reverse map of this lookup in the cache. */
- store_sid_by_name_in_cache(name, &sids[0], types[0]);
+ store_sid_by_name_in_cache(name, &sids[0], types[0]);
store_name_by_sid_in_cache(&sids[0], name, types[0]);
} else {
/* JRA. Here's where we add the -ve cache store with a name type of SID_NAME_USE_NONE. */
@@ -587,19 +586,16 @@ BOOL winbindd_lookup_userinfo(struct winbindd_domain *domain,
/* Lookup groups a user is a member of. I wish Unix had a call like this! */
BOOL winbindd_lookup_usergroups(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
uint32 user_rid, uint32 *num_groups,
DOM_GID **user_groups)
{
- TALLOC_CTX *mem_ctx;
CLI_POLICY_HND *hnd;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
POLICY_HND dom_pol, user_pol;
uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
BOOL got_dom_pol = False, got_user_pol = False;
- if (!(mem_ctx = talloc_init()))
- return False;
-
/* Get sam handle */
if (!(hnd = cm_get_sam_handle(domain->name)))
@@ -639,8 +635,6 @@ BOOL winbindd_lookup_usergroups(struct winbindd_domain *domain,
if (got_dom_pol)
cli_samr_close(hnd->cli, mem_ctx, &dom_pol);
- talloc_destroy(mem_ctx);
-
return NT_STATUS_IS_OK(result);
}